There are two phases of installation to consider, installing the AnyConnect VPN client files on the Adaptive Security Appliance (ASA) for automated download and install to systems, and the actual install on the remote PCs themselves. This document provides an overview of both phases.

The files needed for installation are located at http://www.cisco.com/pcgi-bin/tablebuild.pl/anyconnect.

Loading the AnyConnect VPN Software on the ASA

Use the copy command to copy the image file to the flash of your ASA. Then use the svc image command from webvpn configuration mode to identify the file as the client package file. You can install many different packages for different operating systems and use the svc image command to order them from most popular (lowest number) to least popular (highest number).

Enabling AnyConnect SSL VPN Connections on the ASA

Here is sample configuration that enables the AnyConnect VPN client connections on the ASA:

Automating the Installation for Remote PCs

If using a Certificate Authority (CA) for certificates on the ASA, configure the certificate as a trusted CA on client machines

If using a self-signed certificate on the ASA, install it as a trusted root certificate on client machines

Ensure the Common Name (CN) in the ASA certificates matches the name clients use to connect

If you are using Cisco Security Agent (CSA), warnings will most likely display to end users during install

For Microsoft Internet Explorer installations, install the ASA to the list of trusted sites; this may be automated using Active Directory

For more information on the AnyConnect VPN Client, here are Google searches to use:

site:cisco.com AnyConnect Release Notes

site:cisco.com AnyConnect Administration Guide

site:cisco.com Security Appliance Configuration Guide AnyConnect

About INE

INE is the premier provider of technical training for the IT industry. INE is revolutionizing the digital learning industry through the implementation of adaptive technologies and a proven method of hands on training experiences. Our portfolio of trainings is built for all levels of technical learning, specializing in advanced networking technologies, next generation security and infrastructure programming and development.
Want to talk to a training advisor about our course offerings and training plans? Give us a call at 877-224-8987 or email us at sales@ine.com